security
Posted 4 hours agoProduct Cybersecurity Engineer
at May Mobility
United StatesRemote
Responsibilities
- Integrate security practices — threat modeling, architecture reviews into product development workflows from requirements through release.
- Write, review, and validate security
- Conduct hazard and threat analyses (TARA/HARA) early in the architecture and development lifecycle.
- Analyze and harden the security architecture of vehicle subsystems and autonomous stacks; define system- and product-level security
- Conduct hands-on penetration testing to identify, exploit, and report vulnerabilities across systems, applications, and devices. Physical Requirements
Requirements
- Based in Ann Arbor, Michigan, May develops and deploys autonomous vehicles (AVs) powered by our innovative Multi-Policy Decision Making (MPDM) technology that literally reimagines the way AVs think.
- Maintain working knowledge of R155/156, ISO 21434 and UL 4600; support internal audits, risk assessments, and compliance documentation.
- B.S. Degree in Computer Science, Computer Engineering, or an equivalent degree
- experience in a product cyber security or related role •
- Experience performing threat modeling and attack surface analysis •
- Experience generating and managing Software Bills of Materials (SBOMs) using industry tooling, with working knowledge of SBOM formats such as SPDX and CycloneDX
- Familiarity with vehicle communication networks and protocols across physical and application layers (CAN, LIN, Ethernet, DBCs), embedded systems interaction, and module security technologies.
- Familiarity with security-relevant services in ISO 14229-1 (UDS) •
- Experience in TARA and HARA methodologies;
- experience applying UNECE WP.29, ISO/SAE 21434, and security standards.
- Ability to clearly communicate findings and collaborate with engineering teams to drive timely mitigation and remediation. Desirable •
- Experience in automotive product security at an OEM, Tier 1 supplier, or AV company. •
- Experience with autonomous vehicle systems and components.
- Familiarity with AUTOSAR security modules, secure boot implementations, and penetration testing tools specific to automotive/embedded domains (e.g., CANalyzer, Wireshark, JTAG debugging).
- experience doesn’t align perfectly with every qualification, we encourage you to apply anyway! You may be the perfect candidate for this or another role at May.
Benefits
- Travel required? – Minimal: 1%-10% Benefits and Perks
- Comprehensive healthcare suite including medical, dental, vision, life, and disability plans.
- Health Savings and Flexible Spending Healthcare and Dependent Care Accounts available.
- Rich retirement benefits, including an immediately vested employer safe harbor match.
- Generous paid parental leave as well as a phased return to work.
- Flexible vacation policy in addition to paid company holidays.
- Salary Range $100,000 — $155,000 USD
Additional details
- May Mobility is transforming cities through autonomous technology to create a safer, greener, more accessible world.
- Our vehicles do more than just drive themselves - they provide value to communities, bridge public transit gaps and move people where they need to go safely, easily and with a lot more fun.
- We’re building the world’s best autonomy system to reimagine transit by minimizing congestion, expanding access and encouraging better land use in order to foster more green, vibrant and livable spaces.
- Since our founding in 2017, we’ve given more than 500,000 autonomous rides to real people around the globe.
- We’re hiring people who share our passion for building the future, today, solving real-world problems and seeing the impact of their work. Join us. Job Summary
- This role integrates security practices into development workflows, manages vulnerabilities in vehicle and autonomous systems, supports compliance with automotive cybersecurity standards, and serves as a cross-functional security expert bridging cybersecurity, hardware, and product engineering teams. Essential Responsibilities
- Provide early security input on hardware, firmware, and software design decisions, including third-party and supply chain risk considerations.
- requirements across hardware and software domains; enforce secure coding standards and perform security analysis on main compute systems.
- Assist with maintaining Software Bill of Materials (SBOM) and Hardware Bill of Materials (HBOM) using dedicated SBOM tooling to ensure component visibility, vulnerability tracking, and supply chain transparency across products.
- Apply security lenses during safety and functional assessments in collaboration with safety, systems, and software teams.